return 1, 'disabled' ########################################################################## def undo(self, change_record=None): """Undo the previous action.""" if not change_record or change_record != 'disabled': msg = 'unable to undo without valid change record' self.logger.error(self.module_name, 'Undo Error: ' + msg) return 0 try: result, reason = self.scan() if result == 'Fail': return 0 except tcs_utils.ScanNotApplicable, err: msg = 'module is not applicable for this system' self.logger.error(self.module_name, 'Undo Error: ' + msg) return 0 results = sb_utils.os.service.enable(svcname=self.__svcname) if results != True: msg = 'Failed to enable %s' % self.__svcname self.logger.error(self.module_name, 'Undo Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) msg = '%s (%s) enabled' % (self.__svcdesc, self.__svcname) self.logger.notice(self.module_name, 'Undo Performed: ' + msg) return 1
class DisableWbem: def __init__(self): self.module_name = 'DisableWbem' self.__target_file = '' self.logger = TCSLogger.TCSLogger.getInstance() # # Identify the service and package name here: # self.__svcname = 'svc:/application/management/wbem' self.__svcdesc = 'SMC and WBEM Server' self.__pkgname = 'SUNWwbcor' ########################################################################## def validate_input(self, option): if option and option != 'None': return 1 return 0 ########################################################################## def scan(self, option=None): results = sb_utils.os.software.is_installed(pkgname=self.__pkgname) if results == None: msg = "Unable to determine if %s installed." % self.__pkgname self.logger.error(self.module_name, 'Scan Error: ' + msg) if results == False: msg = "%s (%s) is not installed on the system" % \ (self.__svcdesc, self.__pkgname) self.logger.warn(self.module_name, 'Not Applicable: ' + msg) raise tcs_utils.ScanNotApplicable('%s %s' % (self.module_name, msg)) results = sb_utils.os.service.is_enabled(svcname=self.__svcname) if results == True: msg = "svcprop reports %s is on" % self.__svcdesc self.logger.info(self.module_name, 'Scan Failed: ' + msg) return 'Fail', msg return 'Pass', '' ########################################################################## def apply(self, option=None): try: result, reason = self.scan() if result == 'Pass': return 0, '' except tcs_utils.ScanNotApplicable, err: msg = "module is not applicable for this system" self.logger.error(self.module_name, 'Apply Error: ' + msg) return 0, '' results = sb_utils.os.service.disable(svcname=self.__svcname) if results != True: msg = 'Failed to disable %s' % self.__svcname self.logger.error(self.module_name, 'Apply Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) msg = '%s (%s) disabled' % (self.__svcdesc, self.__svcname) self.logger.notice(self.module_name, 'Apply Performed: ' + msg) return 1, 'disabled'
def apply(libraryName=None, enable=False, packageList=None, serviceList=None, option=None): """ Disable services associated with this module. Returns: (update_flag, action_record, messages) update_flag -- Boolean: True = StateHandler will record change record action_record -- String: Change record the StateHandler will store messages -- Dictionary: messages to embed into the repord """ # scan first to see if we need to do anything...and don't bother trying # to turn things off if they already are results, reason, messages = scan(libraryName, enable=enable, packageList=packageList, serviceList=serviceList, option=option) if results == True: return False, reason, messages if serviceList == None: (serviceList, serviceProps) = getServiceList(libraryName=libraryName) elif type(serviceList) == type(""): serviceList = [serviceList] elif type(serviceList) != type([]): msg = "Invalid service list detected" logger.error(libraryName, "Scan Error: " + msg) raise tcs_utils.ScanError('%s %s' % (libraryName, msg)) if packageList == None: packageList = getPackageList(libraryName=libraryName) elif type(packageList) == type(""): packageList = [packageList] elif type(packageList) != type([]): msg = "Invalid package list detected" logger.error(libraryName, "Scan Error: " + msg) raise tcs_utils.ScanError('%s %s' % (libraryName, msg)) if len(serviceList) < 1: msg = "No services identified for this module." raise tcs_utils.OSNotApplicable('%s %s' % (libraryName, msg)) messages = {} messages['messages'] = [] action_record = [] # Check for each package in the list. If ONE package is missing, # report a not applicable for pkg_item in packageList: results = sb_utils.os.software.is_installed(pkgname=pkg_item) if results == False: msg = "'%s' package is not installed" % pkg_item logger.warning(libraryName, 'Not Applicable: ' + msg) raise tcs_utils.ScanNotApplicable('%s %s' % (libraryName, msg)) else: msg = "'%s' package is installed" % pkg_item logger.info(libraryName, msg) messages['messages'].append(msg) service_count = 0 all_services = len(serviceList) update_flag = False error_flag = False for service_item in serviceList: pre_change = '' results = sb_utils.os.service.is_enabled(svcname=service_item) if results == None: msg = "Unable to determine status of the '%s' service" % service_item logger.error(libraryName, msg) error_flag = True messages['messages'].append(msg) continue if enable == False: # Record service's current state before we disable it # but DO NOT add it to the change record until we are able # actually perform the apply if results == False: msg = "'%s' service is already disabled" % service_item messages['messages'].append(msg) continue pre_change = "%s|on\n" % service_item # Try to disable the service results = sb_utils.os.service.disable(svcname=service_item) if results != True: msg = "Unable to disable service '%s'" % service_item logger.error(libraryName, msg) error_flag = True messages['messages'].append(msg) else: service_count = service_count + 1 msg = "'%s' service is now configured to not start during next system boot" % service_item logger.notice(libraryName, "Apply Performed: %s" % msg) action_record.append(pre_change) messages['messages'].append(msg) update_flag = True if stop_service_now() == False: msg = "To immediately disable the '%s' service either "\ "reboot or execute: service %s stop" % (service_item, service_item) messages['messages'].append(msg) else: # Record service's current state before we disable it # but DO NOT add it to the change record until we are able # actually perform the apply if results == True: msg = "'%s' service is already enabled" % service_item messages['messages'].append(msg) continue pre_change = "%s|off\n" % service_item # Try to disable the service results = sb_utils.os.service.enable(svcname=service_item) if results != True: msg = "Unable to enable service '%s'" % service_item logger.error(libraryName, msg) error_flag = True messages['messages'].append(msg) else: service_count = service_count + 1 msg = "'%s' service is now configured to start during next system boot" % service_item logger.notice(libraryName, "Apply Performed: %s" % msg) action_record.append(pre_change) messages['messages'].append(msg) update_flag = True if stop_service_now() == False: msg = "To immediately enable the '%s' service either "\ "reboot or execute: service %s stop" % (service_item, service_item) messages['messages'].append(msg) if error_flag == True and service_count == 0: if enable == False: msg = "Unable to disable associated services" else: msg = "Unable to enable associated services" raise tcs_utils.ActionError(msg) if error_flag == True and service_count != all_services: if enable == False: msg = "Unable to disable all of the associated services" else: msg = "Unable to enable all of the associated services" else: if enable == False: msg = "Disabled all of the associated services" else: msg = "Enabled all of the associated services" # When returning our change record, we will reverse the order of the # services. This way when the undo method receives it, they will be # "undone" in reverse order. action_record.reverse() return update_flag, ''.join(action_record), messages
def undo(libraryName=None, change_record=None): (serviceList, serviceProps) = getServiceList(libraryName=libraryName) packageList = getPackageList(libraryName=libraryName) # Not needed del serviceList error_flag = False messages = {} messages['messages'] = [] if not change_record: msg = "No change record in state file." logger.notice(libraryName, 'Skipping undo: ' + msg) messages['messages'].append(msg) return False, msg, messages # Check for each package in the list. If ONE package is missing, # report a not applicable # Commenting out package/service check - base the undo solely on the change record # for pkg_item in packageList: # results = sb_utils.os.software.is_installed(pkgname=pkg_item) # if results == False: # msg = "'%s' package is not installed" % pkg_item # logger.warning(libraryName, 'Not Applicable: ' + msg) # messages['messages'].append(msg) # else: # msg = "'%s' package is installed" % pkg_item # logger.info(libraryName, msg) # messages['messages'].append(msg) service_count = 0 all_services = 0 for change in change_record.split('\n'): if not change: continue all_services += 1 try: (service_item, service_state) = change.split('|') except: msg = "Malformed change record: %s" % change logger.error(libraryName, msg) continue # a few older modules inverted the item/state relation, so try to sanity check the results if service_item in ['on', 'off' ] and service_state not in ['on', 'off']: msg = "Detected reversed change record, fixing on the fly..." logger.notice(libraryName, msg) temp_swap = service_item service_item = service_state service_state = service_item if service_state == 'on': results = sb_utils.os.service.enable(svcname=service_item) if results != True: msg = "Unable to enable the '%s' service" % service_item logger.error(libraryName, msg) error_flag = True messages['messages'].append(msg) else: msg = "'%s' service is now configured to start during next system boot" % service_item logger.notice(libraryName, "Undo Performed: %s" % msg) messages['messages'].append(msg) service_count = service_count + 1 else: results = sb_utils.os.service.disable(svcname=service_item) if results != True: msg = "Unable to disable the '%s' service" % service_item logger.error(libraryName, msg) error_flag = True messages['messages'].append(msg) else: msg = "'%s' service is now configured to not start during next system boot" % service_item logger.notice(libraryName, "Undo Performed: %s" % msg) messages['messages'].append(msg) service_count = service_count + 1 if error_flag == True and service_count == 0: msg = "Unable to restore associated services their previous states." raise tcs_utils.ActionError(msg) if error_flag == True and service_count != all_services: msg = "Unable to restore the state of all associated services" else: msg = "Restored the state of all associated services" return True, msg, messages
def undo(self, change_record=None): messages = {'messages': []} if change_record == None: return False, 'Missing change record', {} lines = change_record.rstrip('\n').split('\n') old_php_settings = {} already_done = {} for line in lines: fields = line.split('|') if len(fields) != 3: continue section = fields[0].strip(' ') if not old_php_settings.has_key(section): old_php_settings[section] = {} already_done[section] = {} subkey = fields[1].strip(' ') old_php_settings[section][subkey] = fields[2].strip(' ') already_done[section][subkey] = False try: in_obj = open(self.__php_ini, 'r') out_obj = open(self.__newfile, 'w') except IOError: msg = 'Unable to create temp %s' % self.__newfile self.logger.error(self.module_name, 'Undo Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) lines = in_obj.xreadlines() section = None for line in lines: line = line.strip(' ') if line.startswith('['): if already_done.has_key(section): for skey in already_done[section].keys(): if already_done[section][skey] == False: out_obj.write(skey + ' = ') out_obj.write(old_php_settings[section][skey]) out_obj.write('\n') section = line.rstrip('\n') section = section.strip(' ') section = section.lstrip('[') section = section.rstrip(']') out_obj.write(line) continue newline = line if not line.startswith(';') and not line.startswith('\n'): line = line.rstrip('\n') opt, curvalue = line.split('=', 1) opt = opt.strip(' ') if curvalue != None: curvalue = curvalue.strip(' ') if old_php_settings.has_key(section): subkey = old_php_settings[section] if subkey.has_key(opt): if subkey[opt] != curvalue: # Ignore duplicates if already_done[section][opt] == True: continue already_done[section][opt] = True change_record += section + '|' + opt + \ '|' + curvalue + '\n' newline = opt + ' = ' + subkey[opt] + '\n' else: if already_done[section][opt] == True: continue already_done[section][opt] = True out_obj.write(newline) out_obj.close() in_obj.close() # Switch old file with new one while preserving permissions try: shutil.copymode(self.__php_ini, self.__newfile) shutil.copy2(self.__newfile, self.__php_ini) os.unlink(self.__newfile) except OSError: msg = "Unable to replace %s with new version." % self.__php_ini self.logger.error(self.module_name, 'Undo Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) msg = "PHP Session settings restored in %s" % self.__php_ini return True, msg, messages
def undo(self, change_record=None): if not change_record: msg = "Skipping Undo: No change record in state file." self.logger.notice(self.module_name, 'Skipping undo: ' + msg) return 0 maxrepeat = re.compile('maxrepeat=\d+') password = re.compile('^password\s+\S+\s+(\S*?/+)*pam_cracklib.so\s+') for param in change_record.split('\n'): (pairKey, pairValue) = param.split('=') # Reset PAM entry if pairKey == 'pam_maxrepeat': try: in_obj = open(self.__target_file, 'r') except Exception, err: msg = "Unable to open file %s (%s)." % (self.__target_file, str(err)) self.logger.error(self.module_name, 'Undo Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) lines = in_obj.readlines() in_obj.close() try: out_obj = open(self.__target_file + '.new', 'w') except Exception, err: msg = "Unable to create temporary file (%s)" % str(err) self.logger.error(self.module_name, 'AUndo Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) msg = '' for line in lines: line = line.lstrip(' ') if password.search(line): match_obj = maxrepeat.search(line) if match_obj: # May have to do a replacement but check first old_string = match_obj.group() tokens = old_string.split('=') old_value = tokens[1] if pairValue != 'unset': new_line = re.sub( old_string, 'maxrepeat=%d' % int(pairValue), line) msg = "pam_cracklib's 'maxrepeat' option restored to %d" % ( int(pairValue)) else: # no substitution needed new_line = re.sub(old_string, '', line) msg = "pam_cracklib's 'maxrepeat' option removed" else: new_line = line out_obj.write(new_line) else: out_obj.write(line) # Swap the two files out_obj.close() try: shutil.copymode(self.__target_file, self.__target_file + '.new') shutil.copy2(self.__target_file + '.new', self.__target_file) sb_utils.SELinux.restoreSecurityContext(self.__target_file) os.unlink(self.__target_file + '.new') except OSError: msg = "Unable to replace %s with new version." % self.__target_file self.logger.error(self.module_name, 'Undo Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) if msg != '': self.logger.notice(self.module_name, 'Undo Performed: ' + msg)
def undo(self, change_record=None): if not change_record: msg = "Unable to perform undo operation without change record." self.logger.error(self.module_name, 'Undo Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) records = change_record.split('\n') if len(records) != 2: msg = "Unable to perform undo operation without a complete record." self.logger.error(self.module_name, 'Undo Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) mem_obj = None file_obj = None for line in records: try: (paramtype, jsonobj) = line.split('|') if paramtype == 'mem': mem_obj = eval(jsonobj) if paramtype == 'file': file_obj = eval(jsonobj) except Exception: continue del change_record del records ###################################################################### if len(file_obj) != 0: msg = "Reverting settings in %s" % (self.__target_file) self.logger.info(self.module_name, msg) for xparam in file_obj.keys(): results = '' if file_obj[xparam] == '': results = sb_utils.os.config.unsetparam( \ configfile=self.__target_file, param=xparam, delim='=') else: results = sb_utils.os.config.setparam( \ configfile=self.__target_file, \ param=xparam, value=str(file_obj[xparam]), delim='=') if results == False: msg = "Unable to set %s in %s" % (xparam, self.__target_file) self.logger.error(self.module_name, 'Undo Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) else: if file_obj[xparam] == '': msg = "'%s' removed from %s" % (xparam, self.__target_file) else: msg = "'%s' set to '%s' in %s" % ( xparam, file_obj[xparam], self.__target_file) self.logger.notice(self.module_name, "Undo Performed: " + msg) del file_obj ###################################################################### if len(mem_obj) != 0: msg = "Reverting in-memory kernel settings using sysctl(8) utility" self.logger.info(self.module_name, msg) SysCtl = sb_utils.os.linux.sysctl() for param in mem_obj.keys(): results = SysCtl.setparam(paramname=param, paramval=mem_obj[param]) if results == True: msg = "Reset '%s' to '%s'" % (param, str(mem_obj[param])) self.logger.notice(self.module_name, 'Undo Performed: ' + msg) else: msg = "Unable to reset '%s' to '%s'" % ( param, str(mem_obj[param])) self.logger.error(self.module_name, 'Undo Error: ' + msg) del SysCtl del mem_obj return 1
def apply(self, option=None): """ Set parameters in /etc/php.ini Change record line is: <section>|<option>|<value> """ if not os.path.isfile(self.__php_ini): msg = "%s not found. Is PHP installed?" % self.__php_ini self.logger.warn(self.module_name, 'Not Applicable: ' + msg) raise tcs_utils.ScanNotApplicable('%s %s' % (self.module_name, msg)) already_done = {} change_record = "" for subkey in self.__php_settings.keys(): already_done[subkey] = {} for subsubkey in self.__php_settings[subkey].keys(): already_done[subkey][subsubkey] = False # Create new /etc/php.ini if it is missing if not os.path.isfile(self.__php_ini): try: out_obj = open(self.__php_ini, 'w') except IOError: msg = 'Unable to create new %s' % self.__php_ini self.logger.error(self.module_name, 'Apply Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) out_obj.write('; Created by OS Lockdown\n') for section in self.__php_settings.keys(): out_obj.write('[' + section + ']\n') subpair = self.__php_settings[section] for subkey in subpair.keys(): subvalue = self.__php_settings[section][subkey] out_obj.write(subkey + ' = ' + subvalue + '\n') out_obj.write('\n') out_obj.close() return False, '\n', {} self.logger.info(self.module_name, 'Checking %s' % self.__php_ini) try: in_obj = open(self.__php_ini, 'r') out_obj = open(self.__newfile, 'w') except IOError: msg = 'Unable to create temp %s' % self.__newfile self.logger.error(self.module_name, 'Apply Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) lines = in_obj.xreadlines() section = None for line in lines: line = line.strip(' ') if line.startswith('['): if already_done.has_key(section): for skey in already_done[section].keys(): if already_done[section][skey] == False: out_obj.write(skey + ' = ') out_obj.write(self.__php_settings[section][skey]) out_obj.write('\n') section = line.rstrip('\n') section = section.strip(' ') section = section.lstrip('[') section = section.rstrip(']') out_obj.write(line) continue newline = line if not line.startswith(';') and not line.startswith('\n'): line = line.rstrip('\n') opt, curvalue = line.split('=', 1) opt = opt.strip(' ') if curvalue != None: curvalue = curvalue.strip(' ') if self.__php_settings.has_key(section): subkey = self.__php_settings[section] if subkey.has_key(opt): if subkey[opt] != curvalue: # Ignore duplicates if already_done[section][opt] == True: continue already_done[section][opt] = True change_record += section + '|' + opt + \ '|' + curvalue + '\n' newline = opt + ' = ' + subkey[opt] + '\n' msg = 'Apply Performed: Set ' + opt + ' = ' + subkey[ opt] self.logger.info(self.module_name, msg) else: if already_done[section][opt] == True: continue already_done[section][opt] = True out_obj.write(newline) out_obj.close() # Switch old file with new one while preserving permissions try: shutil.copymode(self.__php_ini, self.__newfile) shutil.copy2(self.__newfile, self.__php_ini) os.unlink(self.__newfile) except OSError: msg = "Unable to replace %s with new version." % self.__php_ini self.logger.error(self.module_name, 'Apply Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) return True, change_record, {}
def apply(self, option=None): paramlist = sb_utils.os.config.get_list(configfile=self.__target_file, delim='=') SysCtl = sb_utils.os.linux.sysctl() sysdict = SysCtl.getlist() change_record = '' mem_action_record = {} file_action_record = {} if len(sysdict) == 0: msg = "Unable to get in-memory kernel setting using sysctl(8) utility" self.logger.error(self.module_name, 'Apply Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) ipv6_enabled = False if sysdict.has_key('net.ipv6.conf.default.forwarding'): ipv6_enabled = True else: msg = "IPv6 support not enabled in the OS; skipping IPv6 tests." self.logger.info(self.module_name, msg) ###################################################################### msg = "Checking settings in %s" % (self.__target_file) self.logger.info(self.module_name, msg) for xparam in self.__settings.keys(): if paramlist.has_key(xparam): if int(self.__settings[xparam]) == int(paramlist[xparam]): continue else: if 'ipv6' in xparam.split('.') and ipv6_enabled == False: msg = "Skipping - '%s' not found in %s" % ( self.__target_file, xparam) self.logger.info(self.module_name, msg) continue results = sb_utils.os.config.setparam( \ configfile=self.__target_file, \ param=xparam, value=str(self.__settings[xparam]), delim='=') if results == False: msg = "Unable to set %s in %s" % (xparam, self.__target_file) self.logger.error(self.module_name, 'Apply Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) else: file_action_record[xparam] = str(results) msg = "Apply Performed: %s set to '%s' in %s" % \ (xparam, self.__settings[xparam], self.__target_file) self.logger.notice(self.module_name, msg) ###################################################################### msg = "Checking in-memory kernel settings using sysctl(8) utility" self.logger.info(self.module_name, msg) for param in self.__settings.keys(): if sysdict.has_key(param): if int(self.__settings[param]) != int(sysdict[param]): results = SysCtl.setparam(paramname=param, paramval=self.__settings[param]) if results == True: mem_action_record[param] = str(sysdict[param]) msg = "Set '%s' to '%s' in running kernel" % ( param, str(self.__settings[param])) self.logger.notice(self.module_name, 'Apply Performed: ' + msg) else: msg = "Unable to set '%s' to '%s' in running kernel" % ( param, str(self.__settings[param])) self.logger.error(self.module_name, 'Apply Error: ' + msg) del paramlist del sysdict del SysCtl if mem_action_record == {} and file_action_record == {}: return 0, '' else: change_record = "mem|%s\nfile|%s" % (str(mem_action_record), str(file_action_record)) return 1, change_record
def undo(self, change_record=None): messages = {'messages': []} zonename = sb_utils.os.solaris.zonename() if zonename != 'global': msg = "Unable to perform module undo or apply action to a "\ "non-global Solaris zone (%s)" % zonename self.logger.notice(self.module_name, 'Apply Failed: ' + msg) raise tcs_utils.ZoneNotApplicable('%s %s' % (self.module_name, msg)) if not change_record: msg = "Unable to perform undo operation without change record." self.logger.error(self.module_name, 'Undo Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) failure_flag = False for xparam in change_record.split('\n'): if not xparam: continue if '=' not in xparam: msg = 'Malformed change record: %s' % (xparam) self.logger.error(self.module_name, 'Undo Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) param_key = xparam.split('=')[0] param_val = xparam.split('=')[1] if not param_val: results = sb_utils.os.config.unsetparam( param=param_key, configfile=self.__target_file) msg = 'Removing %s from %s' % (param_key, self.__target_file) self.logger.notice(self.module_name, 'Undo Performed: ' + msg) messages['messages'].append(msg) else: results = sb_utils.os.config.setparam( param=param_key, delim='=', value=param_val, configfile=self.__target_file) msg = 'Resetting %s to %s from %s' % \ (param_key, param_val, self.__target_file) self.logger.notice(self.module_name, 'Undo Performed: ' + msg) messages['messages'].append(msg) if results == False: msg = "Unable to restore %s in %s" % (param_key, self.__target_file) self.logger.error(self.module_name, 'Undo Failed: ' + msg) failure_flag = True # Set in memory settings ... if param_key.startswith('ip'): thedrvr = 'ip' if param_key.startswith('icmp'): thedrvr = 'icmp' if param_key.startswith('tcp'): thedrvr = 'tcp' if param_key.startswith('udp'): thedrvr = 'udp' results = sb_utils.os.solaris.ndd_set(param=param_key, paramValue=param_val, driver=thedrvr) if results == False: msg = "Unable to set %s to %s in current running kernel" % ( param_key, param_key) self.logger.error(self.module_name, 'Undo Error: ' + msg) messages['messages'].append("Error: %s" % msg) else: msg = "Reset %s to %s in current running kernel" % (param_key, param_key) self.logger.notice(self.module_name, 'Undo Error: ' + msg) messages['messages'].append(msg) if failure_flag == True: return False, '', messages else: return True, '', messages
def apply(self, option=None): result, reason, messages = self.scan() if result == True: return False, '', {} messages = {'messages': []} zonename = sb_utils.os.solaris.zonename() if zonename != 'global': msg = "Unable to perform module apply or undo action to a "\ "non-global Solaris zone (%s)" % zonename self.logger.notice(self.module_name, 'Apply Failed: ' + msg) raise tcs_utils.ZoneNotApplicable('%s %s' % (self.module_name, msg)) action_record = [] for xparam in self.__param.keys(): results = sb_utils.os.config.setparam( \ configfile=self.__target_file, \ param=xparam, value=str(self.__param[xparam]), delim='=') if results == False: msg = "Unable to set %s in %s" % (xparam, self.__target_file) self.logger.error(self.module_name, 'Apply Error: ' + msg) raise tcs_utils.ActionError('%s %s' % (self.module_name, msg)) else: action_record.append(xparam + '=' + results + '\n') msg = "%s set to '%d' in %s" % (xparam, self.__param[xparam], self.__target_file) self.logger.notice(self.module_name, "Apply Performed: %s" % msg) messages['messages'].append(msg) # Set in memory settings ... if xparam.startswith('ip'): thedrvr = 'ip' if xparam.startswith('icmp'): thedrvr = 'icmp' if xparam.startswith('tcp'): thedrvr = 'tcp' if xparam.startswith('udp'): thedrvr = 'udp' #curvalue = sb_utils.os.solaris.ndd_get(param=xparam, driver=thedriver) results = sb_utils.os.solaris.ndd_set(param=xparam, paramValue=str( self.__param[xparam]), driver=thedrvr) if results == False: msg = "Unable to set %s to %s in current running kernel" % ( xparam, str(self.__param[xparam])) messages['messages'].append("Error: %s" % msg) self.logger.error(self.module_name, 'Apply Error: ' + msg) else: msg = "Set %s to %s in current running kernel" % ( xparam, str(self.__param[xparam])) messages['messages'].append(msg) self.logger.notice(self.module_name, 'Apply Performed: ' + msg) return True, ''.join(action_record), messages
def undo(self, change_record): raise tcs_utils.ActionError("%s %s" % (self.module_name, self.msg))
def apply(self, option): raise tcs_utils.ActionError("%s %s" % (self.module_name, self.msg))